**UK Government Confirms Foreign Office Cyber Attack**
The UK government has finally confirmed that its Foreign, Commonwealth and Development Office (FCDO) was hacked in October, but insists the attack posed a "low risk" of personal data being compromised.
During a round of broadcast interviews today (19 December 2025), trade minister Chris Bryant said it was "not clear" who perpetrated the attack, although initial reports attributed it to a China-based threat actor known as Storm 1849. This group was also blamed for targeting vulnerabilities in Cisco equipment that led to a National Cyber Security Centre (NCSC) warning in September for organisations using Cisco's Adaptive Security Appliance family of unified threat management systems.
Bryant downplayed the severity of the hack, stating that some reports were "speculation" and that the government had managed to "close the hole" quickly. He added that security experts were confident there was a "low risk" of any individual being affected. However, The Sun report claimed hackers accessed confidential data and documents, possibly including thousands of visa details.
The hack has raised concerns about the potential risks of gathering citizen identity data as part of the government's plans to introduce a national digital ID scheme. Critics have long argued that such a system would be vulnerable to cyber attacks and compromise sensitive information. The development comes just a day after ITV News broadcast a report on the cyber security issues found in One Login – the government single sign-on system that will be at the heart of the digital ID plan.
2025 has been a notably damaging year for cyber attacks, with high-profile ransomware campaigns affecting Jaguar Land Rover (JLR), the Co-op and Marks & Spencer. The Office for National Statistics attributed a November decline in the UK's economy partly to the impact of the JLR attack, which stopped car production at the manufacturer and had a knock-on impact across the automotive supply chain.
Just last month, four London councils – Kensington and Chelsea; Hackney; Westminster; and Hammersmith and Fulham – suffered cyber attacks, disrupting services and prompting an NCSC investigation. Westminster has since admitted that potentially sensitive data was copied from its systems during the hack. Three of the local authorities operate a shared IT service.
**Related Stories:**
* **2025 – a year of cyber breaches**: The UK has faced a surge in high-profile cyber attacks this year, with several major organisations falling victim to ransomware campaigns. * **Cyber resilience will define winners and losers in 2026**: As the threat landscape continues to evolve, businesses must prioritize cyber security to avoid costly disruptions. * **Jaguar Land Rover cyber attack costs firm £485m in the quarter**: The car manufacturer's revenue took a hit after a ransomware attack earlier this year.
**More on Cyber Security:**
* **Data breach incident management and recovery**: Learn how to respond effectively to a cyber attack and minimize the impact on your business. * **Cyber resilience will define winners and losers in 2026**: Discover what you can do to prioritize cyber security and stay ahead of the threat landscape.